Cloud Platforms Require Stringent Cybersecurity: ISG

Rhea-AI Summary

ISG presented key insights at the Meeting the Challenge of Modern Security Threats in the Cloud virtual event, emphasizing that 45% of cyber breaches in 2021 targeted cloud platforms. Expert Doug Saylors highlighted that many enterprises mistakenly believe that cloud adoption includes automatic risk management. He stressed the necessity for organizations to conduct cybersecurity assessments to identify vulnerabilities, especially since human error remains a major factor in breaches. The firm advocates for tailored cybersecurity strategies to enhance resilience and limit potential attacks.

Positive

• ISG emphasizes the importance of cloud security assessments to mitigate risks.
• Highlighted need for tailored cybersecurity strategies to enhance resilience.

Negative

• Many enterprises mistakenly believe cloud adoption ensures automatic risk management.
• Human error remains a significant driver of cyber breaches.

ISG expert outlines cloud assessments and cybersecurity strategies to protect cloud-based workloads during ITPro Today / InformationWeek virtual event

STAMFORD, Conn.--(BUSINESS WIRE)-- Cloud assessments can significantly limit cyberattacks on cloud platforms – the target of nearly half the breaches in 2021 – an expert with Information Services Group (ISG) (Nasdaq: III), a leading global technology research and advisory firm, said today.

In a keynote address during Meeting the Challenge of Modern Security Threats in the Cloud, a virtual event hosted by IT Pro Today and InformationWeek, Doug Saylors, partner and co-lead of ISG Cybersecurity, said enterprises often assume cloud platforms deliver automatic risk management capabilities.

“The most common error we see in large organizations is a belief that adopting cloud platforms automatically includes risk transference. In fact, this is rarely the case,” Saylors said. “Basic cloud capabilities like server images, storage, backup and containers all require the same protections as on-premises assets.”

Human error continues to be a main driver of cyber breaches, impacting enterprises through stolen credentials, phishing and misuse, Saylors said. Cloud assessments expose these weaknesses and allow organizations to mitigate them before attacks occur.

“Nearly half (45 percent) of cyber breaches in 2021 occurred through attacks on cloud platforms,” Saylors said. “Significant breaches, which were initiated through phishing attacks leading to compromised credentials, are case studies in the dangers of deploying cloud platforms and software-as-a-service (SaaS) platforms without a well-thought-out cybersecurity strategy and a cyber architecture built for the cloud.”

Organizations are rapidly moving to multi-cloud environments, driven by business demand and the need to optimize the cost of running workloads. Enterprises that regularly conduct cloud security assessments using third parties and industry-standard frameworks can limit potential attacks to very narrow cloud segments, he said.

“Unfortunately, cybersecurity is rarely engaged on the front end of cloud transformation programs,” Saylors said. “Cloud storage does not guarantee immutability. Chief Information Security Officers must ensure compliance with required cyber policies to limit risk to the organization.”

Saylors recommended enterprises tailor and conduct basic cybersecurity maturity assessments leveraging standard frameworks to provide an enterprise-wide view of cyber maturity. Organizations should also assess their resiliency, their cloud-specific operational maturity, their detailed technical environment, and quantify the risk of financial loss for critical assets.

Additional information and a replay of today’s session are available on the event website.

About ISG

ISG (Information Services Group) (Nasdaq: III) is a leading global technology research and advisory firm. A trusted business partner to more than 800 clients, including more than 75 of the world’s top 100 enterprises, ISG is committed to helping corporations, public sector organizations, and service and technology providers achieve operational excellence and faster growth. The firm specializes in digital transformation services, including automation, cloud and data analytics; sourcing advisory; managed governance and risk services; network carrier services; strategy and operations design; change management; market intelligence and technology research and analysis. Founded in 2006, and based in Stamford, Conn., ISG employs more than 1,300 digital-ready professionals operating in more than 20 countries—a global team known for its innovative thinking, market influence, deep industry and technology expertise, and world-class research and analytical capabilities based on the industry’s most comprehensive marketplace data. For more information, visit www.isg-one.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20221006005842/en/

Press Contacts:

Will Thoretz, ISG

+1 203 517 3119

will.thoretz@isg-one.com

Julianna Sheridan, Matter Communications for ISG

+1 978 518 4520

isg@matternow.com

Source: Information Services Group, Inc.

FAQ

What percentage of cyber breaches in 2021 involved cloud platforms according to ISG?

ISG stated that 45% of cyber breaches in 2021 targeted cloud platforms.

Who presented the keynote at the ITPro Today and InformationWeek virtual event?

Doug Saylors, partner and co-lead of ISG Cybersecurity, delivered the keynote.

What is a common misconception about cloud security mentioned by ISG?

A common misconception is that adopting cloud platforms automatically includes risk management.

What does ISG recommend organizations do to improve cloud security?

ISG recommends conducting regular cybersecurity assessments and tailoring strategies to enhance resilience.